This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
AdaCoul
Participant
‎2019-03-06 12:56 PM

Network Design for puting 3200 Appliance

Hello everybody,

In attached, the network design. We have to put the 3200 appliance into Main Site Network.

Main site is interconnected to branch offices through interco router (no internet on this router) and each branch office has his owvn internet connexion. Branch offices can also access to the servers in Main Site LAN.

Into Main Site LAN, servers can only use the interconnexion link to go to the branch offices and get to internet through ADSL Router. The others hosts can only use FC Router to get to Internet.

So my questions are :

1) What is the best position to put the checkpoint ?

2) In this case, what will be different modifications to do and the routing config options on the checkpoint ?

NB : I specify that the switch is unmanaged.

Thank for your help.

Preview file
97 KB
0 Kudos
4 Replies
Maarten_Sjouw
Champion
Champion
‎2019-03-06 01:53 PM

Is there a specific reason for the 2 different internet connections?

In this case I would just put the 3200 with 2 ports to the 2 internet routers and setup ISP redundancy.

Add one connection from the 3200 to the Interco router and set all machines to use that router as the default route.

On the Interco router add a default route towards the 3200 and you're all set.

Regards, Maarten
AdaCoul
Participant
‎2019-03-07 02:13 AM
In response to Maarten_Sjouw

Hi Maarten,

Thank You !!!

We have to protect only the Main Site LAN from the Internet and also from the Interco link (because all the branch offices have their own Internet and they can access to Main Site LAN).

The reason for the 2 differents internet connections is that the config are made in such a way that only servers can use the Interco and get access to Internet through ADSL Router. The other hosts don't access the this interco and can access to the Internet directly through FC Router.

So I don't know if ISP redundancy can be use in this case.

0 Kudos
Maarten_Sjouw
Champion
Champion
‎2019-03-07 04:18 AM
In response to AdaCoul

then this would be the preferred way to go, however, do keep in mind that your servers will from that point on use the botom internet connection, the lower cloud is internet, the upper cloud is Interco connections.

Regards, Maarten
AdaCoul
Participant
‎2019-03-08 09:04 PM
In response to Maarten_Sjouw

Hi Maarten,

Many thanks !!!

I got best understanding with this diagram.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events